Programming Windows Identity Foundation – Microsoft Press

Writing books can be a huge time suck. Writing books can be a maddening and often times unrewarding exercise that starts with the desire to get your message and knowledge out to your target audience in a consumable manner that conveys knowledge in your own voice.
Enter editors – who tend to ramp you back and change your voice, your style, and your personality into something that barely resembles you. And, the message and style often gets lost in the process.
However, now and then, the author has such a strong style and a strong will that even the editors can’t ratchet back the message and style. One such book is the fantastic book “Programming Windows Identity Foundation” by Vittorio Bertocci.

The Windows Identity Foundation (or, WIF) is a claims-based identity model for the .Net Framework. By being based on the .Net Framework, this means that any modern Windows Server and application can participate in strong identity authentication and authorization using common and very secure methods to determine the user, what the user has access to, and what the application can do with data.
Bertocci is a Senior Architect Evangelist on the extended Windows Identity team. His primary job is to interact and work with customers to see that their needs are met using the Windows platform. His experience in Identity, cloud computing and the Azure platform put him in a unique position to provide deep and concise guidance on how to use WIF to solve identity needs in customer applications and servers.
The book looks at the basis of Windows Identity using WIF. His explanations are clear, concise and understandable to even the most novice to identify and claims-based technologies. Which, is a good thing, because – this is not simple stuff. But, Vittorio explains in such a way that the reader is instantly familiar with what the problems with identity across disparate systems and applications are, and how WIF can solve these problems. He walks the reader through how claims-based identity works, and then applies it immediately to real-world solutions in .Net and ASP.Net.

And, this is only the opening section. Vittorio then takes the reader into deeper territory. Make no mistake – the reader has enough to go on in the first section. With some forethought and use of the guidance that he provides, you can already add value to your current applications. But, basics are rarely enough to manage the hard problems. Vittorio dives deeper into WIF to provide information on using ASP.Net and WIF to solve bigger problems in identity. He takes the reader into advanced ASP.Net development for identity and then looks at how WIF and the Windows Communications Framework (WCF) can tackle bigger problems.
The shift to cloud computing is a paradigm that is of current concern to most application developers. And, identity is a key issue. How can I manage who access my cloud and how do I authorize against the disparate application on premise and in the cloud? The answers are well-covered in his treatments on the Windows Azure platform and WIF.
Finally, Vittorio gives a glimpse of what is to come and the challenges that the developer will face. There is no question that the problems will be more complex and that the solutions will require a great deal of imagination and innovation. It’s clear that Vittorio has a handle on these issues and that his vision of what Microsoft will be doing in server and in platform tools, interfaces and techniques is not only mature – but available today.

The most amazing thing is that most computer books on technologies this complex weigh in at 500+ pages. Vittorio manages to convey the very complex topics into a completely applicable guide in less than 250 pages.
Frankly, you will be hard-pressed to find a more complete and technically consumable treatment of WIF and the problems faced by applications and platforms needing identity functions. If you look for one book to cover the majority of identity and claims-based processes – this is the book.